0-day in Microsoft OLE Packager/PowerPoint

Wolfgang Kandek

Last updated on: September 6, 2020

Microsoft informed in security advisory 3010060 that they are aware of limited attacks against a new vulnerability in OLE packager. The vulnerability CVE-2014-6352 exists on all supported versions of Windows, except Windows 2003. The attack allows for remote code execution. As a temporary solution Microsoft has prepared a Fix-it in KB3010060. There are also instructions on how to configure EMET to block the attack.

OLE Packager was patched just this month in MS14-060. There a vulnerability (CVE-2014-4114) was also under limited attack through PowerPoint, and Microsoft credited iSIGHT Partners for the find. The new CVE-2014-6352 has security researchers from Google and McAfee in its credits section. McAfee has a blog post that details how they detected the additional weaknesses in OLE packager.

Stay tuned for more updates.

Share your Comments

Comments

Your email address will not be published. Required fields are marked *